An AI model that catches nine out of ten software vulnerabilities has crossed the practical threshold for automated vulnerability discovery at real-world scale. The question now is who gets to use it — and who doesn't.
XBOW, the firm behind the benchmark, tested GPT-5 against a curated set of planted vulnerabilities. It missed 40% of them. A successor combining capabilities similar to Anthropic's Mythos dropped that miss rate to 10% — the point at which a scanner becomes genuinely useful rather than a noise generator, XBOW found. That performance gap, from 40% missed to 10% missed, is the technical news peg of a story whose structural news peg is an increasingly familiar problem: the United States has built a two-tier cyber regime in which military intelligence operates these tools and civilian defense largely cannot.
CISA, the agency charged with defending critical infrastructure, is blocked from using both Anthropic's Mythos and OpenAI's GPT 5.5, Forbes reported. Chinese state hackers have already used Claude, Anthropic's AI assistant, to generate cyberattacks on as many as 30 targets, including government entities, Anthropic disclosed last month. The same tool that found thousands of zero-day vulnerabilities across critical systems is off-limits to the civilian agency tasked with tracking exactly those kinds of campaigns.
The mechanism is the same one that created the access disparity between military and civilian agencies: the Pentagon designated Anthropic a supply chain risk — the first time a U.S. company has received that classification, according to Reuters. NSA and other military intelligence agencies secured their own classified access to Mythos through a program called Project Glasswing, which has deployed the tool to 40 companies, The Verge reported. CISA, as a civilian agency, was left out. "We aren't even allowed to say the name Anthropic right now," one CISA employee told Forbes. NSA declined to comment.
The timing compounds the problem. The Trump administration has cut CISA's workforce, proposed an additional $707 million reduction in its budget, TechCrunch reported, and the position of permanent director remains empty after Sean Plankey withdrew from consideration, Forbes separately reported. The agency is smaller, its leadership vacuum is deeper, and the one class of tools that might have helped it operate at the same level as adversaries is legally out of reach.
What happens next is unclear. Some current and former officials argue the fix is straightforward: CISA needs its own access, classified if necessary, to the same tools adversaries are already using. Others say the supply chain designation was correct and that reopening that legal question would create more risk than it removes. The Chinese campaign that Anthropic disclosed is ongoing. Project Glasswing is ongoing. And CISA is still looking for a director.